Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
File:                     QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft (raw, json)
Hash identifier:          JN2DDinzDd7jkdY10kxadB7qn6HdFkKVSkNVz5EUy7c=
Subject key identifier:   47:BF:BB:35:77:17:9C:73:B4:91:7B:03:90:E4:B0:DA:F7:80:3B:CA
Authority key identifier: 41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C
Certificate issuer:       /CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
Certificate serial:       019A4EF56406743E8356E7C9F06FBE6EC17C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
Manifest number:          169D
Signing time:             Tue 04 Nov 2025 13:01:36 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:36 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:36 +0000
Files and hashes:         1: QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl (hash: f/UfRRpbvCM5qdM8o47Cff6FMdLVG6M/wFZkocNodPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:64:06:74:3e:83:56:e7:c9:f0:6f:be:6e:c1:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
        Validity
            Not Before: Nov  4 13:01:36 2025 GMT
            Not After : Nov  5 13:01:36 2025 GMT
        Subject: CN=47bfbb3577179c73b4917b0390e4b0daf7803bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f2:0a:5f:fa:8f:c0:ae:90:b4:b7:3b:0d:77:
                    94:8e:ee:43:9a:cc:fd:3f:80:30:a7:b0:36:2e:c0:
                    6c:82:4a:d7:24:f2:3f:78:dd:4c:7b:0c:d1:2e:a4:
                    5c:9c:7a:7b:f6:c6:21:27:28:ca:4d:c6:44:1e:c2:
                    e0:06:99:61:74:21:5c:50:a4:3b:eb:b3:79:e6:9c:
                    ee:02:a7:72:f6:fc:7a:21:89:aa:ae:54:15:ce:f6:
                    c6:c1:99:c8:65:d9:57:8e:6a:7d:77:c7:8f:d2:c9:
                    78:3c:30:bd:18:a2:e6:a4:00:b8:11:41:56:a6:89:
                    75:33:7c:67:85:b7:98:01:7e:e5:e6:67:6a:e2:a1:
                    a6:a6:29:32:32:c5:59:0a:9b:51:f8:dc:28:44:f5:
                    c6:ce:0a:32:23:d6:81:5f:6e:2e:0c:b6:b8:97:99:
                    4f:03:56:03:f1:15:86:c3:62:5d:21:0d:6f:de:05:
                    25:b2:a3:0d:d6:ff:40:36:c2:e7:f6:5a:76:76:31:
                    0c:86:f1:9d:58:e8:a3:05:85:de:b7:b8:fc:46:89:
                    0e:28:e0:69:31:e0:1b:8e:b3:4c:b7:8d:09:41:86:
                    f0:06:f3:cb:f0:6e:f0:6b:5a:5d:24:7e:fd:2c:7b:
                    c2:6b:d9:55:3e:e3:fb:32:bd:0f:5a:33:68:14:1d:
                    79:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:BF:BB:35:77:17:9C:73:B4:91:7B:03:90:E4:B0:DA:F7:80:3B:CA
            X509v3 Authority Key Identifier:
                keyid:41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:4c:6b:f4:c9:59:47:59:b1:ad:e5:9f:65:8c:bc:44:bb:48:
         41:d6:91:8b:b8:5a:d7:b5:11:ee:ef:64:bc:e4:a0:4a:44:c4:
         05:41:98:87:37:2a:c1:f1:df:f3:26:b0:7d:15:9e:12:0c:be:
         1c:67:91:ed:7e:a5:ba:c7:df:9a:f9:7a:61:53:e6:b1:42:d1:
         91:0a:03:3b:af:1e:73:df:f5:1b:5b:fe:fd:5d:a8:c0:24:6e:
         e1:f6:38:57:92:b4:0d:a8:3d:91:f2:32:bb:0e:1e:f9:5d:53:
         1e:2b:ad:2f:63:b2:f2:ce:25:eb:46:fe:3c:73:9b:3d:e4:b0:
         7c:79:f1:21:f0:df:e3:5f:fb:f8:bf:e6:5e:d2:e9:3e:88:7e:
         7a:66:9c:9b:61:c9:f2:f4:67:6a:6d:e0:f7:f0:a0:ea:61:ac:
         81:34:46:3b:0b:af:d6:73:31:9e:5b:b6:ac:bb:ee:da:51:7b:
         7c:ef:b4:5a:63:0d:54:87:36:69:35:cc:16:24:f8:9b:ad:02:
         27:24:0a:c0:50:5b:07:14:16:dd:c4:4c:8d:61:30:82:2e:6d:
         22:12:b8:e9:a1:5f:c2:15:c3:f0:90:54:c5:95:ba:a5:43:7d:
         71:bd:95:68:df:11:92:4d:8d:4f:38:a3:a4:b9:33:7c:c2:df:
         37:04:8a:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WQGdD6DVufJ8G++bsF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzg1Y2I1ZmM2YjQwZmRmMTRmNzJhNmQyNWY0MTQzYzE3
YzMxN2MwHhcNMjUxMTA0MTMwMTM2WhcNMjUxMTA1MTMwMTM2WjAzMTEwLwYDVQQD
Eyg0N2JmYmIzNTc3MTc5YzczYjQ5MTdiMDM5MGU0YjBkYWY3ODAzYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/IKX/qPwK6QtLc7DXeUju5Dmsz9
P4Awp7A2LsBsgkrXJPI/eN1MewzRLqRcnHp79sYhJyjKTcZEHsLgBplhdCFcUKQ7
67N55pzuAqdy9vx6IYmqrlQVzvbGwZnIZdlXjmp9d8eP0sl4PDC9GKLmpAC4EUFW
pol1M3xnhbeYAX7l5mdq4qGmpikyMsVZCptR+NwoRPXGzgoyI9aBX24uDLa4l5lP
A1YD8RWGw2JdIQ1v3gUlsqMN1v9ANsLn9lp2djEMhvGdWOijBYXet7j8RokOKOBp
MeAbjrNMt40JQYbwBvPL8G7wa1pdJH79LHvCa9lVPuP7Mr0PWjNoFB15BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe/uzV3F5xztJF7A5DksNr3gDvKMB8GA1UdIwQY
MBaAFEF4XLX8a0D98U9yptJfQUPBfDF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUt
ZTQ2ZWM1YjliMDZjLzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUtZTQ2ZWM1YjliMDZj
LzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkxr9MlZ
R1mxreWfZYy8RLtIQdaRi7ha17UR7u9kvOSgSkTEBUGYhzcqwfHf8yawfRWeEgy+
HGeR7X6lusffmvl6YVPmsULRkQoDO68ec9/1G1v+/V2owCRu4fY4V5K0Dag9kfIy
uw4e+V1THiutL2Oy8s4l60b+PHObPeSwfHnxIfDf41/7+L/mXtLpPoh+emacm2HJ
8vRnam3g9/Cg6mGsgTRGOwuv1nMxnlu2rLvu2lF7fO+0WmMNVIc2aTXMFiT4m60C
JyQKwFBbBxQW3cRMjWEwgi5tIhK46aFfwhXD8JBUxZW6pUN9cb2VaN8Rkk2NTzij
pLkzfMLfNwSK2w==
-----END CERTIFICATE-----